#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

hacking wireless router | Breaking Cybersecurity News | The Hacker News

Hackers Exploit Zero-Day Bugs in Draytek Devices to Target Enterprise Networks

Hackers Exploit Zero-Day Bugs in Draytek Devices to Target Enterprise Networks

Mar 27, 2020
Cybersecurity researchers with Qihoo 360's NetLab today unveiled details of two recently spotted zero-day cyberattack campaigns in the wild targeting enterprise-grade networking devices manufactured by Taiwan-based DrayTek. According to the report , at least two separate groups of hackers exploited two critical remote command injection vulnerabilities ( CVE-2020-8515 ) affecting DrayTek Vigor enterprise switches, load-balancers, routers and VPN gateway devices to eavesdrop on network traffic and install backdoors. The zero-day attacks started somewhere at the end of last November or at the beginning of December and are potentially still ongoing against thousands of publicly exposed DrayTek switche s, Vigor 2960, 3900, 300B devices that haven't yet been patched with the latest firmware updates released last month. The zero-day vulnerabilities in question can be exploited by any unauthorized remote attackers to inject and execute arbitrary commands on the system, as als
Some D-Link and Comba WiFi Routers Leak Their Passwords in Plaintext

Some D-Link and Comba WiFi Routers Leak Their Passwords in Plaintext

Sep 10, 2019
What could be worse than your router leaking its administrative login credentials in plaintext? Cybersecurity researchers from Trustwave's SpiderLabs have discovered multiple security vulnerabilities in some router models from two popular manufacturers—D-Link and Comba Telecom—that involve insecure storage of credentials, potentially affecting every user and system on that network. Researcher Simon Kenin told The Hacker News that he discovered a total of five vulnerabilities—two in a D-Link DSL modem typically installed to connect a home network to an ISP, and three in multiple Comba Telecom WiFi devices. These flaws could potentially allow attackers to change your device settings, extract sensitive information, perform MitM attacks, redirect you to phishing or malicious sites and launch many more types of attacks. "Since your router is the gateway in and out of your entire network it can potentially affect every user and system on that network. An attacker-controlled
How to Find and Fix Risky Sharing in Google Drive

How to Find and Fix Risky Sharing in Google Drive

Mar 06, 2024Data Security / Cloud Security
Every Google Workspace administrator knows how quickly Google Drive becomes a messy sprawl of loosely shared confidential information. This isn't anyone's fault; it's inevitable as your productivity suite is purposefully designed to enable real-time collaboration – both internally and externally.  For Security & Risk Management teams, the untenable risk of any Google Drive footprint lies in the toxic combinations of sensitive data, excessive permissions, and improper sharing. However, it can be challenging to differentiate between typical business practices and potential risks without fully understanding the context and intent.  Material Security, a company renowned for its innovative method of protecting sensitive data within employee mailboxes, has recently launched  Data Protection for Google Drive  to safeguard the sprawl of confidential information scattered throughout Google Drive with a powerful discovery and remediation toolkit. How Material Security helps organ
New Exploit Threatens Over 9,000 Hackable Cisco RV320/RV325 Routers Worldwide

New Exploit Threatens Over 9,000 Hackable Cisco RV320/RV325 Routers Worldwide

Jan 28, 2019
If the connectivity and security of your organization rely on Cisco RV320 or RV325 Dual Gigabit WAN VPN routers, then you need to immediately install the latest firmware update released by the vendor last week. Cyber attackers have actively been exploiting two newly patched high-severity router vulnerabilities in the wild after a security researcher released their proof-of-concept exploit code on the Internet last weekend. The vulnerabilities in question are a command injection flaw (assigned CVE-2019-1652) and an information disclosure flaw (assigned CVE-2019-1653), a combination of which could allow a remote attacker to take full control of an affected Cisco router. The first issue exists in RV320 and RV325 dual gigabit WAN VPN routers running firmware versions 1.4.2.15 through 1.4.2.19, and the second affects firmware versions 1.4.2.15 and 1.4.2.17, according to the Cisco's advisory . Both the vulnerabilities, discovered and responsibly reported to the company by German s
cyber security

Uncover Critical Gaps in 7 Core Areas of Your Cybersecurity Program

websiteArmor PointCyber Security / Assessment
Turn potential vulnerabilities into strengths. Start evaluating your defenses today. Download the Checklist.
New Exploit for MikroTik Router WinBox Vulnerability Gives Full Root Access

New Exploit for MikroTik Router WinBox Vulnerability Gives Full Root Access

Oct 08, 2018
A known vulnerability in MikroTik routers is potentially far more dangerous than previously thought. A cybersecurity researcher from Tenable Research has released a new proof-of-concept (PoC) RCE attack for an old directory traversal vulnerability that was found and patched within a day of its discovery in April this year. The vulnerability, identified as CVE-2018-14847, was initially rated as medium in severity but should now be rated critical because the new hacking technique used against vulnerable MikroTik routers allows attackers to remotely execute code on affected devices and gain a root shell. The vulnerability impacts Winbox—a management component for administrators to set up their routers using a Web-based interface—and a Windows GUI application for the RouterOS software used by the MikroTik devices. The vulnerability allows "remote attackers to bypass authentication and read arbitrary files by modifying a request to change one byte related to a Session ID.&qu
Researcher Discloses 10 Zero-Day Flaws in D-Link 850L Wireless Routers

Researcher Discloses 10 Zero-Day Flaws in D-Link 850L Wireless Routers

Sep 11, 2017
A security researcher has discovered not one or two but a total of ten critical zero-day vulnerabilities in routers from Taiwan-based networking equipment manufacturer D-Link which leave users open to cyber attacks. D-Link DIR 850L wireless AC1200 dual-band gigabit cloud routers are vulnerable to 10 security issues, including "several trivial" cross-site scripting (XSS) flaws, lack of proper firmware protection, backdoor access, and command injection attacks resulting in root access. If successfully exploited, these vulnerabilities could allow hackers to intercept connection, upload malicious firmware, and get root privileges, enabling them to remotely hijack and control affected routers, as well as network, leaving all connected devices vulnerable to cyber attacks as well. These zero-day vulnerabilities were discovered by Pierre Kim —the same security researcher who last year discovered and reported multiple severe flaws in D-Link DWR-932B LTE router, but the company
Check If Your Netgear Router is also Vulnerable to this Password Bypass Flaw

Check If Your Netgear Router is also Vulnerable to this Password Bypass Flaw

Jan 31, 2017
Again bad news for consumers with Netgear routers: Netgear routers hit by another serious security vulnerability, but this time more than two dozens router models are affected. Security researchers from Trustwave are warning of a new authentication vulnerability in at least 31 models of Netgear models that potentially affects over one million Netgear customers. The new vulnerability, discovered by Trustwave's SpiderLabs researcher Simon Kenin, can allow remote hackers to obtain the admin password for the Netgear router through a flaw in the password recovery process. Kenin discovered the flaw ( CVE-2017-5521 ) when he was trying to access the management page of his Netgear router but had forgotten its password. Exploiting the Bug to Take Full Access on Affected Routers So, the researcher started looking for ways to hack his own router and found a couple of exploits from 2014 that he leveraged to discover this flaw which allowed him to query routers and retrieve thei
Netgear launches Bug Bounty Program for Hacker; Offering up to $15,000 in Rewards

Netgear launches Bug Bounty Program for Hacker; Offering up to $15,000 in Rewards

Jan 06, 2017
It might be the easiest bug bounty program ever. Netgear launched on Thursday a bug bounty program to offer up to $15,000 in rewards to hackers who will find security flaws in its products. Since criminals have taken aim at a rapidly growing threat surface created by millions of new Internet of things (IoT) devices, it has become crucial to protect routers that contain the keys to the kingdom that connects the outside world to the IP networks that run these connected devices. To combat this issue, Netgear, one of the biggest networking equipment providers in the world, has launched a bug bounty program focusing on its products, particularly routers, wireless security cameras and mesh Wi-Fi systems. Bug bounty programs are cash rewards given by companies or organizations to white hat hackers and researchers who hunt for serious security vulnerabilities in their website or products and then responsibly disclose for the patch release. Also Read:   How Hackers Hack Bank Acco
DNSChanger Malware is Back! Hijacking Routers to Target Every Connected Device

DNSChanger Malware is Back! Hijacking Routers to Target Every Connected Device

Dec 17, 2016
Next time when you see an advertisement of your favorite pair of shoes on any website, even if it is legitimate, just DO NOT CLICK ON IT. …Because that advertising could infect you in such a way that not just your system, but every device connected to your network would get affected. A few days ago, we reported about a new exploit kit, dubbed Stegano , that hides malicious code in the pixels of banner advertisements rotating on several high profile news websites. Now, researchers have discovered that attackers are targeting online users with an exploit kit called DNSChanger that is being distributed via advertisements that hide malicious code in image data. Remember DNSChanger? Yes, the same malware that infected millions of computers across the world in 2012. DNSChanger works by changing DNS server entries in infected computers to point to malicious servers under the control of the attackers, rather than the DNS servers provided by any ISP or organization. So, wheneve
Multiple Backdoors found in D-Link DWR-932 B LTE Router

Multiple Backdoors found in D-Link DWR-932 B LTE Router

Sep 29, 2016
If you own a D-Link wireless router, especially DWR-932 B LTE router , you should get rid of it, rather than wait for a firmware upgrade that never lands soon. D-Link DWR-932B LTE router is allegedly vulnerable to over 20 issues, including backdoor accounts, default credentials, leaky credentials, firmware upgrade vulnerabilities and insecure UPnP (Universal Plug-and-Play) configuration. If successfully exploited, these vulnerabilities could allow attackers to remotely hijack and control your router, as well as network, leaving all connected devices vulnerable to man-in-the-middle and DNS poisoning attacks. Moreover, your hacked router can be easily abused by cybercriminals to launch massive Distributed Denial of Service (DDoS) attacks, as the Internet has recently witnessed record-breaking 1 Tbps DDoS attack that was launched using more than 150,000 hacked Internet-connected smart devices. Security researcher Pierre Kim has discovered  multiple vulnerabilities in the D-Li
w00t! Google OnHub Router actually Runs on Chrome OS; Here's How to Root it

w00t! Google OnHub Router actually Runs on Chrome OS; Here's How to Root it

Oct 12, 2015
Are you intrigued with the idea of disassembling things and making them work your ways? Then you'll find this coverage to be one of its kind! Google OnHub Router runs ChromiumOS ( Chrome OS ), the same Linux-based operating system that powers Google Chromebook laptops and desktops. Yeah, It's True. A Group of researchers has revealed that Google OnHub Router is actually a modified Chromebook in Cylindrical form and without screen. OnHub is a modern dual-band wireless router, designed by Google and TP-Link, operates networks on both the 2.4GHz & 5GHz frequency bands simultaneously and offers the speed of up to 1900 Mbps. Unlike traditional Broadband Routers, Google OnHub is designed to support " The Internet of Things " as well as other Smart devices, including Smartphones, Connected TVs and Computers. A Team of Modders at Exploitee.rs , also famous as GTVHacker , have successfully managed to root Google OnHub device, in the same way, they
Critical Netgear Router Exploit allows anyone to Hack You Remotely

Critical Netgear Router Exploit allows anyone to Hack You Remotely

Oct 10, 2015
Yes, NETGEAR Routers have once again become a victim of DNS Monitoring, potentially affecting 11,000 Devices. This week, we reported about a Vigilante Hacker , who protected users by installing malware on their Wi-Fi routers, forcing them to use a secure password. Now within few days, a security researcher has discovered a serious vulnerability in Netgear routers that has been publicly exploited by hackers. The critical flaw could allow hackers to bypass authentication mechanism and change the Domain Name System (DNS) settings of victims' routers to the malicious IP address. [ Exploit Code ] A security researcher, named Joe Giron, gave the details of his experience to BBC, saying that he noticed some anonymous activities in his machine and on investigating he learned that: The admin settings on his personal router have been modified on 28 September. Specifically, Domain Name System (DNS) settings on his router were changed to a suspicious IP address.
Popular Belkin Wi-Fi Routers vulnerable to Hackers

Popular Belkin Wi-Fi Routers vulnerable to Hackers

Sep 03, 2015
US-CERT has outlined about Wireless routers developed by Belkin supposedly containing several vulnerabilities. CERT in their Vulnerability Note VU#201168 (Vulnerability ID) said, that Belkin's N600 DB Wireless Dual-Band N+ Router, model F9K1102 v2 with firmware version 2.10.17 and very likely earlier versions are packed with multiple and critical vulnerabilities. The targeted router is the fastest long-range router with speeds up to 300Mbps + 300Mbps** allows a great multi-device coverage and with its dual-band operating speed empowering and prioritizing exhaustive activities like video streaming and online gaming. Few months back, The Hacker News (THN)  reported about vulnerabilities in routers capable of hijacking user's data at different instances. Belkin router is accused of loopholes that allow an attacker to spoof DNS, conduct man-in-the-middle attack, perform privilege escalation and implement Cross Site Request Forgery(CSRF). CERT lists out the multi
Vulnerability in Hotel WiFi Network Exposes You to Hackers

Vulnerability in Hotel WiFi Network Exposes You to Hackers

Mar 27, 2015
There is no end to users problem when it comes to security. Everything is easily hackable — from home wireless routers to the large web servers that leak users' personal data into the world in one shot. If you love to travel and move hotels to hotels, then you might be dependent on free Wi-Fi network to access the Internet. However, next time you need to be extra cautious before connecting to Hotel's Wi-Fi network, as it may expose you to hackers. Security researchers have unearthed a critical flaw in routers that many hotel chains depend on for distributing Wi-Fi networks. The security vulnerability could allow a hacker to infect guests with malware, steal or monitor personal data sent over the network, and even gain access to the hotel's keycard systems and reservation. HACKING GUEST WIFI ROUTER Several models of InnGate routers manufactured by ANTlabs, a Singapore firm, have a security weakness in the authentication mechanism of the firmware. The se
Vulnerability Exposes Thousands of GoPRO Users' Wireless Passwords

Vulnerability Exposes Thousands of GoPRO Users' Wireless Passwords

Mar 03, 2015
GoPro , the popular wearable high-definition camera manufacturer, has vulnerability in its official website that exposes usernames and passwords of thousand of its customers' wireless network. Action camera maker GoPro manufactures cameras which are compact, lightweight, rugged, and are wearable or mountable on vehicles. GoPro cameras capture still photos or video in HD through a wide-angle lens. GoPro offers a mobile app to its users that gives you full remote control of all camera functions — take a photo, start/stop recording and adjust settings. You need to connect to the wireless network operated by your camera, and the GoPro app gives you instant access to the GoPro Channel to view photos and play back videos, then share your favorites via email, text, Facebook, Twitter and more. FLAW EXPOSES WIRELESS PASSWORD Security researcher Ilya Chernyakov reported The Hacker News team that GoPro camera update mechanism could expose your wireless username and passwor
Have a D-Link Wireless Router? You might have been Hacked

Have a D-Link Wireless Router? You might have been Hacked

Feb 03, 2015
The popular DSL wireless router model from D-Link are allegedly vulnerable to a software bug that could allow remote hackers to modify the DNS (Domain Name System) settings on affected routers and to hijack users' traffic. The main goal of DNS hijacking is to secretly redirect user's traffic from a legitimate websites to a malicious one controlled by hackers. The vulnerability might also affects other devices because it is located in the same, widely-used wireless router firmware used by different manufacturers. Bulgarian security researcher Todor Donev discovered the flaw which exists in a widely deployed ZynOS firmware from ZyXEL Communications Corporation, that is used in network hardware from TP-Link Technologies, ZTE and D-Link. According to the security researcher, D-Link's popular DSL2740R wireless router and a number of other D-Link routers, particularly the DLS-320B, are vulnerable. Late last year, similar router vulnerability was discovered in the
Cybersecurity Resources